Many power tools do not have capabilities to send data over full data networks using, for example, the IP and TCP or UDP data protocols that enable end-to-end communication over a data network. Instead, the power tools only include local peripheral connections including, for example, universal serial bus (USB), RS-232 and RS-485 serial lines, infrared, point-to-point wireless, and other suitable peripheral connections that enable direct communication between an embedded computing system in the power tool and another computer, such as a PC. While the power tool is not typically treated as a computer, the computing system in the power tool is referred to as an “embedded device” that receives commands from an external computer and performs maintenance and diagnostic functions based on the commands. In a connected workshop where certain commands have to be run on the embedded device and data from the embedded device is accessed via a data network. The access occurs through an intermediate client computing system, such as a PC, which is connected to the embedded device over USB or another peripheral connection.
One problem with existing embedded devices is that access to the embedded devices from a networked client computer often violates security policies. For example, many client computers are connected to a data network and run web browsers or other networked programs that provide potential vectors for malicious parties to control the client computer and to send unauthorized commands to the embedded device in the power tool. In general, the embedded system in the power tool cannot be preconfigured to only execute certain commands while not executing other commands at the time of manufacture because of the wide range of potential functions required for different maintenance and diagnostic procedures.
Another problem is that a user needs to have specific access to the device depending on the user role. On server side the user role can be mapped easily. However, mapping the same user role to the embedded device can be quite complex. Unless the user roles are mapped, the access to the embedded system becomes quite open and insecure. The data available in each of these power tools have to be read and stored safely on the server to enable troubleshooting, data analytics and reporting. Consequently, improvements to access control systems to ensure that an embedded device performs only authorized commands without reducing the functionality of the embedded device in a configuration where the embedded device is only directly accessible via USB or another peripheral connection would be beneficial.